Cybellum Expands Leadership in Automotive Cybersecurity; Becomes a CVE® Numbering Authority (CNA)
Cybellum Authorized to Assign CVEs to Automotive Cybersecurity Vulnerabilities
SAN FRANCISCO, Jan. 15, 2020 /PRNewswire/ -- Cybellum, a leader in Automotive Cybersecurity Risk Assessment solutions, announced today that it joined the CNA (CVE Numbering Authority) program. The company's cyber security experts will now contribute to the CVE by disclosing, reporting and assigning CVEs to vulnerabilities. With this nomination, the company joins some of the world's top technology and cybersecurity corporations in advancing the cyber security community.
CVE Numbering Authorities (CNAs) are organizations from around the world authorized to assign CVE IDs to vulnerabilities affecting products within their scope, for inclusion in first-time public announcements of new vulnerabilities. These CVE IDs are then provided to researchers, vulnerability disclosure organizations, and information technology vendors. The U.S. National Vulnerability Database (NVD) is also fed by CVE.
The CVE List was launched by MITRE as a community effort in 1999, and since then, only 110 firms and organizations globally have joined the effort. Among the members of the CNA program are the world's top technology corporations. But, till today, the automotive cybersecurity industry was not a focus area.
"With the entrance of connected cars and upcoming autonomous vehicles to the market, comes the responsibility of automotive OEMs and suppliers to properly manage the cybersecurity risks that these technologies come with. We feel that it's time for our industry to have its own authorities to disclose vulnerabilities to the public. We are very excited about being the first automotive cybersecurity company registered as a CNA. We expect others to follow us and contribute to public security," said Slava Bronfman, Cybellum CEO.
Cybellum automotive risk analysis solutions automatically detect a wide range of zero-day vulnerabilities in in-vehicle ECUs and other automotive software. OEMs and suppliers using Cybellum solutions can now close the entire life-cycle of vulnerabilities. Using Cybellum, these vendors can automatically detect a vulnerability, mitigate and remediate it, and work with the company's security research team to properly disclose and assign a CVE to it.
About Cybellum
As a leading automotive cybersecurity risk assessment and management solution provider, Cybellum helps automotive OEMs and suppliers to manage their security risks throughout the product lifecycle and across the supply chain. Using its unique V-Ray® vulnerability detection and analysis technology customers can automatically scan closed-source components and continuously monitor for new and modified threats.
Cybellum solutions are deployed in OEMs and Tier-1 suppliers worldwide.
Media Contact
Eyal Traitel
Cybellum Technologies Ltd.
+1 (415) 992-6330
[email protected]
SOURCE Cybellum
Share this article